linux fail2ban

Fail2ban is not working but fail2ban regex matched


The fail2ban service is not working but the regex matches...

That's my config:

sudo nano /etc/fail2ban/filter.d/login_eiren_studio.conf

[Definition]
datepattern =\[%%Y-%%m-%%d\s%%H:%%M:%%S\s%%z\]
failregex =^\s\|\sIP:\s<HOST>\s.*$
ignoreregex =

sudo nano /etc/fail2ban/jail.local

[login_eiren_studio]
enabled = true
filter = login_eiren_studio
logpath = /var/www/openvscode/proyectos/login.eiren.studio/logs/badauth.log
maxretry = 5
bantime = 3600
findtime = 600

and the logs...

[2025-01-02 12:43:58 +0100] | IP: 85.87.24.22 | Dispositivo: Windows 10 | Navegador: Chrome 131.0.0.0 | Usuario: intento de login: josuenbeita@gmail.com | Mensaje: Error: El usuario existe pero la contraseña no es correcta.
[2025-01-02 12:52:18 +0100] | IP: 85.87.24.22 | Dispositivo: Windows 10 | Navegador: Chrome 131.0.0.0 | Usuario: intento de login: josuenbeita@gmail.com | Mensaje: Error: El usuario existe pero la contraseña no es correcta.

When I try with fail2ban-regex, it matches the logs.

But when I put fail2ban-client status login_eiren_studio I've got 0 failed auths. My timezone is Europe/Madrid on my computer and in the logs too.

Nothing in the fail2ban logs. I've got it configured as default (root) and I have read permissions on the logs.

Any ideas? Thx ;)


Solution

  • On Ubuntu/Debian the default backend is now systemd, and to process files you probably need to add backend = polling in your jail configuration.
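
A check for the failure mode this answer describes, as an added example that is not part of the original post: it merges jail configuration texts in order and lists enabled jails whose effective backend is systemd while a logpath is set, in which case the file is not monitored. The function name, the `[DEFAULT]` sample and the `login_fixed` jail are constructed for illustration; fail2ban's own `%(name)s` interpolation is not resolved here.

```python
import configparser

# Constructed stand-in for a distro default that sets the backend globally.
DISTRO_DEFAULTS = """
[DEFAULT]
backend = systemd
"""

# The jail from the question, plus a constructed jail with the fix applied.
JAIL_LOCAL = """
[login_eiren_studio]
enabled = true
filter = login_eiren_studio
logpath = /var/www/openvscode/proyectos/login.eiren.studio/logs/badauth.log
maxretry = 5

[login_fixed]
enabled = true
filter = login_eiren_studio
backend = polling
logpath = /var/www/openvscode/proyectos/login.eiren.studio/logs/badauth.log
"""


def jails_ignoring_logpath(*config_texts):
    """Return [(jail, [paths])] for enabled jails whose logpath is never read."""
    # interpolation=None: fail2ban's own %(name)s / %% syntax is left untouched.
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    for text in config_texts:          # later texts override earlier ones
        parser.read_string(text)

    flagged = []
    for name in parser.sections():     # [DEFAULT] is inherited, not listed
        jail = parser[name]
        if not jail.getboolean("enabled", fallback=False):
            continue
        backend = jail.get("backend", fallback="auto").strip().lower()
        paths = jail.get("logpath", fallback="").split()
        if backend == "systemd" and paths:
            flagged.append((name, paths))
    return flagged


if __name__ == "__main__":
    for jail, paths in jails_ignoring_logpath(DISTRO_DEFAULTS, JAIL_LOCAL):
        print(f"{jail}: backend=systemd, file(s) not monitored: {', '.join(paths)}")
```

A jail reported here shows 0 failures in fail2ban-client status even though fail2ban-regex matches the file, because fail2ban-regex reads the file directly.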